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DETAILED ACTION 



Response to Amendment 



Specification 



1 . In view of Applicant's amendments, all objections to the specification are 
withdrawn. 

Claim Objections 

2. In view of Applicant's amendments, all objections to the claims are withdrawn. 



Claim Rejections - 35 USC § 101 



3. In view of Applicant's amendments, all 101 rejections to the claims are 
withdrawn. 

Response to Arguments 



4. Applicant's arguments, see pages 14-15 of Applicant Remarks, filed 10/03/2005, 
with respect to the rejection(s) of claim(s) 1-2 under 35 USC 102(e) have been fully 
considered and are persuasive. Therefore, the rejection has been withdrawn. 
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However, upon further consideration, a new ground(s) of rejection is made in view of 
"Internetworking with TCP/IP, Volume 1" by Douglas Comer. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1, 10, 11, 31, 40-43 and 45 are rejected under 35 U.S.C. 103(a) as being 

unpatentable over "Internetworking with TCP/IP, Volume 1" by Comer in view of US 

Patent No. 6,754,716 to Sharma et al. (hereinafter Sharma). 

As to claims 1 , 40 and 45, Comer discloses: 

a. Resolving an IP address of a packet with its physical or MAC address 
(page 75, section 5.5, paragraphs 2-3). 

b. An ARP cache to maintain IP and physical address bindings (page 76, 
section 5.6, paragraph 1). 

c. Sending an ARP request if there is no binding to the IP address (page 78, 
lines 1-3). 

d. Receiving an ARP reply message to a request message and incorporating 
the address bindings in the ARP cache (page 76, section 5.6, paragraph 1). 
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e. Discarding the packet if no ARP reply is received from the ARP request 

(page 78, section 5.9, paragraphs 1-2). 
Although Comer does disclose discarding a packet when there is no evidence of a 
binding between the IP address and the physical address of a packet, he does not 
expressly mention that the packet is spoofed. 

Sharma teaches that a packet is determined to be spoofed if the IP address and 
the MAC address of a router are not bound in an Address Resolution Module table in 
order to prevent fraudulent access to a target host's MAC address (column 5, lines 21- 
33). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to implement the address resolution protocol of Comer 
with the spoofing designation of Sharma in order to prevent fraudulent access to a 
target host's MAC address. 

As to claim 1 0, Comer teaches not adding an IP address to an ARP table if there 
is no response to an ARP request (page 78, section 5.9, paragraphs 1-2). 

As to claim 1 1 , Comer teaches not adding an IP address to an ARP table if there 
is no response to an ARP request (page 78, section 5.9, paragraphs 1-2). 

As to claim 31 , Sharma teaches networked computers with memory (column 4, 
lines 22-24) that discard packets that are spoofed (column 5, line 44-column 6, line 19). 
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As to claim 41, Sharma teaches a system comprising a router (column 5, lines 7- 

20). 

As to claim 42, Sharma teaches monitoring incoming packets for spoofed 
addresses (column 5, lines 21-33). 

As to claim 43, Sharma teaches a system comprising endpoint or destination 
devices (column 5, lines 21-33). 

6. Claim 12 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
"Internetworking with TCP/IP, Volume 1" by Comer in view of US Patent No. 6,754,716 
to Sharma et al. (hereinafter Sharma) as applied to claiml above, and further in view of 
US Patent No. 6,442,144 to Hansen et al. (hereinafter Hansen). 

As to claim 12, Hansen teaches determining whether or not to add an IP address 
of a router to a table (column 4, lines 1 9-42) identifying whether a device is a router or 
not (column 4, lines 29-67), a forwarding database/ARP cache connecting all the 
matching devices (column 6, lines 20-35). Hansen sets up the system to transmit 
packets using ARP and routers, but does not expressly mention the actual forwarding of 
packets. Comer teaches transmitting (page 78, lines 1-3) and discarding packets 
according to Address Resolution Protocol (page 78, section 5.9, paragraphs 1-2). 
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7. Claims 20, 21 , 22, 32, 33, 35 and 36 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over "Internetworking with TCP/IP, Volume 1" by Comer in view of 
US Patent No. 6,754,716 to Sharma et al. (hereinafter Sharma) as applied to claim 1 
above, in further view of US Patent No. 5,884,024 to Lim et al. (hereinafter Lim). 

As to claim 20, Sharma teaches a list of IP addresses for each network device, 
but does specifically mention a predefined number of addresses (column 2, lines 43- 
48). Lim teaches a preset limit of IP addresses assigned to a device (column 3, lines 49- 
51) and, if the limit is exceeded, execution of the packet is stopped (column 8, lines 56- 
65) in order to reduce "the probability of IP address misuse" (column 1 , lines 50-52). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to implement the ARP and spoofing designation of Comer 
and Sharma with the preset limit of IP addresses in order to reduce "the probability of IP 
address misuse" (column 1, lines 50-52). 

As to claim 21 , Lim teaches the assigning of IP addresses to client systems that 
initiate communication sessions with other clients (column 5, lines 27-48). 

As to claim 22, Lim teaches that the IP addresses are associated with the MAC 
address of the client system (column 5, lines 27-48). 
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As to claim 32, Lim teaches a preset limit of IP addresses assigned to a device 
(column 3, lines 49-51) and, if the limit is exceeded, execution of the packet is stopped 
(column 8, lines 56-65). 

As to claim 33, Sharma teaches that a packet is determined to be spoofed if the 
IP address and the MAC address of a router are not bound in an Address Resolution 
Module table in order to prevent fraudulent access to a target host's MAC address 
(column 5, lines 21-33). 

As to claims 35 and 36, Lim teaches a preset limit of IP addresses assigned to a 
device (column 3, lines 49-51). 

8. Claims 24 and 25 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over "Internetworking with TCP/IP, Volume 1" by Comer in view of US Patent No. 
6,754,716 to Sharma et al. (hereinafter Sharma) as applied to claim 1 above, in further 
view of US Patent No. 6,289,377 to Lalwaney et al. (hereinafter Lalwaney). 

As to claim 24, Comer and Sharma teach the forwarding of packets if the IP 
address is known (Sharma, column 7, lines 10-19), but does not specifically mention the 
use of Dynamic Host Configuration Protocol (DHCP) request packets. Lalwaney 
teaches the use of DHCP to manage IP and MAC addresses of a network device 
(column 3, lines 30-32) and forwarding DHCP requests, as identified by the IP address 
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of the packet (column 4, lines 38-51) in order to provide dynamic network configuration 
(column 1, Iines16-17). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to implement the ARP and spoofing designation of Comer 
and Sharma with the forwarding of DHCP request packets of Lalwaney in order to 
provide dynamic network configuration (column 1, linesl 6-1 7). 

As to claim 25, Comer and Sharma teach the forwarding of packets if the IP 
address is known (Sharma, column 7, lines 10-19), but does not specifically mention the 
use of Dynamic Host Configuration Protocol (DHCP) request packets. Lalwaney 
teaches the use of DHCP to manage IP and MAC addresses of a network device 
(column 3, lines 30-32), forwarding DHCP requests, as identified by the IP address of 
the packet (column 4, lines 38-51) and examines the contents of the DHCP message 
before forwarding (column 5, lines 5-12). 

9. Claim 29 rejected under 35 U.S.C. 103(a) as being unpatentable over 
"Internetworking with TCP/IP, Volume 1" by Comer in view of US Patent No. 6,754,716 
to Sharma et al. (hereinafter Sharma) as applied to claims 1 and 1 1 above, in further 
view of US Patent No. 6,182,226 to Reid et al. (hereinafter Reid). 

As to claim 29, Comer and Sharma teach the discarding of spoofed packets, but 
do not expressly mention the logging of the MAC addresses of the senders of the 
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packets. Reid teaches collecting information about an attacker, including the source and 
route used to reach the system (column 4, lines 35-43) in order to control interactions 
between networks (column 1, lines 54-56). 

Therefore, it would have been obvious to one of ordinary skill in the art at the 
time the invention was made to implement the ARP and spoofing designation of Comer 
and Sharma with the collecting of attacker information in order to control interactions 
between networks (column 1, lines 54-56). 

Allowable Subject Matter 

10. Claims 2, 3, 4, 5, 6, 23, 30, 34, 37, 38 and 39 objected to as being dependent 
upon a rejected base claim, but would be allowable if rewritten in independent form 
including all of the limitations of the base claim and any intervening claims. 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to William S. Powers whose telephone number is 751 272 
8573. The examiner can normally be reached on m-f 7:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Albert Decady can be reached at (571) 272-3819. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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